1 {% set enabled_roles = roles|rejectattr('disable_upgrade_deployment')|list -%}
2 {% set batch_upgrade_steps_max = 3 -%}
3 {% set upgrade_steps_max = 6 -%}
4 {% set deliver_script = {'deliver': False} -%}
5 heat_template_version: ocata
6 description: 'Upgrade steps for all roles'
14 description: Mapping of Role name e.g Controller to the per-role data
19 Setting to a previously unused value during stack-update will trigger
20 the Upgrade resources to re-run on all roles.
23 description: Mapping of service endpoint -> protocol. Typically set
24 via parameter_defaults in the resource registry.
29 description: Keystone region for endpoint
31 description: The password for the nova service and db account, used by nova-api.
36 # Conditions to disable any steps where the task list is empty
37 {%- for role in roles %}
38 {{role.name}}UpgradeBatchConfigEnabled:
41 - {get_param: [role_data, {{role.name}}, upgrade_batch_tasks]}
43 {{role.name}}UpgradeConfigEnabled:
46 - {get_param: [role_data, {{role.name}}, upgrade_tasks]}
52 {% for role in roles if role.disable_upgrade_deployment|default(false) %}
53 {{role.name}}DeliverUpgradeScriptConfig:
54 type: OS::Heat::SoftwareConfig
62 - "if hiera -c /etc/puppet/hiera.yaml service_names | grep nova_compute ; then\n\n"
63 - " crudini --set /etc/nova/nova.conf placement auth_type password\n\n"
64 - " crudini --set /etc/nova/nova.conf placement username placement\n\n"
65 - " crudini --set /etc/nova/nova.conf placement project_domain_name Default\n\n"
66 - " crudini --set /etc/nova/nova.conf placement user_domain_name Default\n\n"
67 - " crudini --set /etc/nova/nova.conf placement project_name service\n\n"
68 - " crudini --set /etc/nova/nova.conf placement os_interface internal\n\n"
71 crudini --set /etc/nova/nova.conf placement password 'SERVICE_PASSWORD'
72 crudini --set /etc/nova/nova.conf placement os_region_name 'REGION_NAME'
73 crudini --set /etc/nova/nova.conf placement auth_url 'AUTH_URL'
75 SERVICE_PASSWORD: { get_param: NovaPassword }
76 REGION_NAME: { get_param: KeystoneRegion }
77 AUTH_URL: { get_param: [EndpointMap, KeystoneAdmin, uri_no_suffix]}
78 - " systemctl restart openstack-nova-compute\n\n"
84 ROLE_NAME: {{role.name}}
85 - get_file: ../extraconfig/tasks/pacemaker_common_functions.sh
86 - get_file: ../extraconfig/tasks/run_puppet.sh
87 - get_file: ../extraconfig/tasks/tripleo_upgrade_node.sh
89 {{role.name}}DeliverUpgradeScriptDeployment:
90 type: OS::Heat::SoftwareDeploymentGroup
92 servers: {get_param: [servers, {{role.name}}]}
93 config: {get_resource: {{role.name}}DeliverUpgradeScriptConfig}
96 # Upgrade Steps for all roles, batched updates
97 # The UpgradeConfig resources could actually be created without
98 # serialization, but the event output is easier to follow if we
99 # do, and there should be minimal performance hit (creating the
100 # config is cheap compared to the time to apply the deployment).
101 {% for step in range(0, batch_upgrade_steps_max) %}
102 # Batch config resources step {{step}}
103 {%- for role in roles %}
104 {{role.name}}UpgradeBatchConfig_Step{{step}}:
105 type: OS::TripleO::UpgradeConfig
106 condition: {{role.name}}UpgradeBatchConfigEnabled
109 {%- for role_inside in enabled_roles %}
110 - {{role_inside.name}}UpgradeBatch_Step{{step -1}}
113 {% for role in roles if role.disable_upgrade_deployment|default(false) %}
114 {% if deliver_script.update({'deliver': True}) %} {% endif %}
116 {% if deliver_script.deliver %}
118 {% for dep in roles if dep.disable_upgrade_deployment|default(false) %}
119 - {{dep.name}}DeliverUpgradeScriptDeployment
124 UpgradeStepConfig: {get_param: [role_data, {{role.name}}, upgrade_batch_tasks]}
128 # Batch deployment resources for step {{step}} (only for enabled roles)
129 {%- for role in enabled_roles %}
130 {{role.name}}UpgradeBatch_Step{{step}}:
131 type: OS::Heat::SoftwareDeploymentGroup
132 condition: {{role.name}}UpgradeBatchConfigEnabled
135 {%- for role_inside in enabled_roles %}
136 - {{role_inside.name}}UpgradeBatch_Step{{step -1}}
139 {% for role in roles if role.disable_upgrade_deployment|default(false) %}
140 {% if deliver_script.update({'deliver': True}) %} {% endif %}
142 {% if deliver_script.deliver %}
144 {% for dep in roles if dep.disable_upgrade_deployment|default(false) %}
145 - {{dep.name}}DeliverUpgradeScriptDeployment
151 max_batch_size: {{role.upgrade_batch_size|default(1)}}
153 max_batch_size: {{role.upgrade_batch_size|default(1)}}
155 servers: {get_param: [servers, {{role.name}}]}
156 config: {get_resource: {{role.name}}UpgradeBatchConfig_Step{{step}}}
159 update_identifier: {get_param: UpdateIdentifier}
163 # Dump the puppet manifests to be apply later when disable_upgrade_deployment
165 {% for role in roles if role.disable_upgrade_deployment|default(false) %}
166 {{role.name}}DeliverPuppetConfig:
167 type: OS::Heat::SoftwareConfig
176 cat > /root/{{role.name}}_puppet_config.pp << ENDOFCAT
180 PUPPET_CLASSES: {get_param: [role_data, {{role.name}}, step_config]}
182 {{role.name}}DeliverPuppetDeployment:
183 type: OS::Heat::SoftwareDeploymentGroup
185 servers: {get_param: [servers, {{role.name}}]}
186 config: {get_resource: {{role.name}}DeliverPuppetConfig}
189 # Upgrade Steps for all roles
190 {%- for step in range(0, upgrade_steps_max) %}
191 # Config resources for step {{step}}
192 {%- for role in roles %}
193 {{role.name}}UpgradeConfig_Step{{step}}:
194 type: OS::TripleO::UpgradeConfig
195 condition: {{role.name}}UpgradeConfigEnabled
196 # The UpgradeConfig resources could actually be created without
197 # serialization, but the event output is easier to follow if we
198 # do, and there should be minimal performance hit (creating the
199 # config is cheap compared to the time to apply the deployment).
201 {%- for role_inside in enabled_roles %}
203 - {{role_inside.name}}Upgrade_Step{{step -1}}
205 - {{role_inside.name}}UpgradeBatch_Step{{batch_upgrade_steps_max -1}}
209 UpgradeStepConfig: {get_param: [role_data, {{role.name}}, upgrade_tasks]}
213 # Deployment resources for step {{step}} (only for enabled roles)
214 {%- for role in enabled_roles %}
215 {{role.name}}Upgrade_Step{{step}}:
216 type: OS::Heat::SoftwareDeploymentGroup
217 condition: {{role.name}}UpgradeConfigEnabled
219 {%- for role_inside in enabled_roles %}
221 - {{role_inside.name}}Upgrade_Step{{step -1}}
223 - {{role_inside.name}}UpgradeBatch_Step{{batch_upgrade_steps_max -1}}
227 servers: {get_param: [servers, {{role.name}}]}
228 config: {get_resource: {{role.name}}UpgradeConfig_Step{{step}}}
231 update_identifier: {get_param: UpdateIdentifier}
235 # Post upgrade deployment steps for all roles
236 # This runs the normal configuration (e.g puppet) steps unless upgrade
237 # is disabled for the role
238 AllNodesPostUpgradeSteps:
239 type: OS::TripleO::PostUpgradeSteps
241 {%- for dep in enabled_roles %}
242 - {{dep.name}}Upgrade_Step{{upgrade_steps_max - 1}}
245 servers: {get_param: servers}
246 role_data: {get_param: role_data}
249 # Output the config for each role, just use Step1 as the config should be
250 # the same for all steps (only the tag provided differs)
252 description: The per-role upgrade configuration used
254 {% for role in roles %}
255 {{role.name.lower()}}: {get_attr: [{{role.name}}UpgradeConfig_Step1, upgrade_config]}